From 1dacb511e29d47662d881bd9bd7e3ec331e60c68 Mon Sep 17 00:00:00 2001 From: Peter Simons Date: Fri, 27 Jul 2012 11:21:32 +0200 Subject: [PATCH] esniper: add support for CURL_CA_BUNDLE variable to fix SSL authentication errors --- .../networking/esniper/default.nix | 3 +++ .../networking/esniper/find-ca-bundle.patch | 26 +++++++++++++++++++ 2 files changed, 29 insertions(+) create mode 100644 pkgs/applications/networking/esniper/find-ca-bundle.patch diff --git a/pkgs/applications/networking/esniper/default.nix b/pkgs/applications/networking/esniper/default.nix index 8dedd4013b9a..327e4c4a9c52 100644 --- a/pkgs/applications/networking/esniper/default.nix +++ b/pkgs/applications/networking/esniper/default.nix @@ -10,6 +10,9 @@ stdenv.mkDerivation { buildInputs = [openssl curl]; + # Add support for CURL_CA_BUNDLE variable. + patches = [ ./find-ca-bundle.patch ]; + postInstall = '' sed <"frontends/snipe" >"$out/bin/snipe" \ -e "2i export PATH=\"$out/bin:${coreutils}/bin:${gawk}/bin:${bash}/bin:${which}/bin:\$PATH\"" diff --git a/pkgs/applications/networking/esniper/find-ca-bundle.patch b/pkgs/applications/networking/esniper/find-ca-bundle.patch new file mode 100644 index 000000000000..e4df272a0c9a --- /dev/null +++ b/pkgs/applications/networking/esniper/find-ca-bundle.patch @@ -0,0 +1,26 @@ +diff -ubr '--exclude=*.o' esniper-2-27-0-orig/http.c esniper-2-27-0-patched/http.c +--- esniper-2-27-0-orig/http.c 2012-02-06 22:04:06.000000000 +0100 ++++ esniper-2-27-0-patched/http.c 2012-07-27 10:54:20.893054646 +0200 +@@ -200,6 +200,9 @@ + int + initCurlStuff(void) + { ++ /* Path to OpenSSL bundle file. */ ++ const char *ssl_capath=NULL; ++ + /* list for custom headers */ + struct curl_slist *slist=NULL; + +@@ -241,6 +244,12 @@ + if ((curlrc = curl_easy_setopt(easyhandle, CURLOPT_COOKIEFILE, ""))) + return initCurlStuffFailed(); + ++ /* If the environment variable CURL_CA_BUNDLE is set, pass through its ++ * contents to curl. */ ++ if ((ssl_capath = getenv("CURL_CA_BUNDLE"))) ++ if ((curlrc = curl_easy_setopt(easyhandle, CURLOPT_CAINFO, ssl_capath))) ++ return initCurlStuffFailed(); ++ + slist = curl_slist_append(slist, "Accept: text/*"); + slist = curl_slist_append(slist, "Accept-Language: en"); + slist = curl_slist_append(slist, "Accept-Charset: iso-8859-1,*,utf-8");